New Update Defender Hardening Console Executable

[Avethil]

Hello,
Microsoft Defender flags as malware the file https://deploy.hea-p.com/executable/AiDefender.exe from the official website. I've downloaded it now and Microsoft Defender quarantined it

 

[Trident]

Hello,
Microsoft Defender flags as malware the file https://deploy.hea-p.com/executable/AiDefender.exe from the official website. I've downloaded it now and Microsoft Defender quarantined it
View attachment 295164

I know, I am not submitting EA and intermediate builds to MS.

 

[Avethil]

I understand, but the downloadable file on the official website should be not a early alpha or intermediate build. Indeed I wished to warn you of this fact, as I didn't have any issue with the file I downloaded from the official website some days ago (2.968.576 bytes) but new users which today will try to download the current file will get the Microsoft Defender alert, so maybe would be better to restore the previous file on the official website. Mine is just a suggestion, of course.

 

[Trident]

New version is now official and live!

VirusTotal

VirusTotal

www.virustotal.com

There is only one detection from Huorong, however the increased Microsoft heuristics (through the console) could lead to the file being flagged.
It has been submitted to Microsoft anyway and any detections will be cleared soon.

In addition, you can create exclusions.

1. Tweaked UI
The frontend has been redesigned with new typography (which is expected to become the company face soon), new icons and transitions.

2. Redesigned Deep Firewall Control

The Deep Firewall Control now groups all application files together and displays detailed application descriptions

3. Loads of bug fixes and performance improvements

A note on WebView2Loader.dll

As of this version, this DLL is no longer integrated within the executable.

To use the software, either use this installer, which will download everything needed:

https://deploy.hea-p.com/executable/DHCInstaller.exe

Or download these 2 files and save in one folder

https://deploy.hea-p.com/executable/AiDefender.exe

https://deploy.hea-p.com/executable/WebView2Loader.dll

Or both files in an archive: https://deploy.hea-p.com/executable/Release.zip

 

[Avethil]

I will try it in some minutes

 

[Trident]

I will try it in some minutes

They should clear the detection in 1-2 hours as always.

It affects only the higher heuristic levels.

It’s an exciting release indeee.

 

[Avethil]

The Deep Firewall verification scan seems stuck on "Discovering Applications". A few minutes have already passed but it's still at 0 %. I already have some active rules from the previous AIDefender.exe version but I guess it's not the reason of the issue.

 

[Avethil]

I've also started the scan from the Deep Firewall rules panel, with the same result.

 

[Trident]

I've also started the scan from the Deep Firewall rules panel, with the same result.
View attachment 295181

Try to delete the rules cache which is in C:\ProgramData\Hawk Eye Analysis Platform\DFC\rules.bin and see if this is gonna help.

I did have this issue with corrupted cache.

The new version implements new caching.

Additionally, uninstalling will delete the cache and everything as well.

 

[Avethil]

Try to delete the rules cache which is in C:\ProgramData\Hawk Eye Analysis Platform\DFC\rules.bin and see if this is gonna help.

I deleted rules.bin but the scan stays stuck at 0 %. There is also the file C:\ProgramData\Hawk Eye Analysis\Network Cache.bin but I didn't delete it.

 

[Gandalf_The_Grey]

View attachment 295154

And the installer is now ready as well.

The installer also works as a weekly silent updater and uninstaller (a very clean one) removing the product, the one single registry entry that it writes, all related files and firewall rules.

The installation process creates a desktop shortcut, checks the system for the necessary components and deploys them if missing and downloads the newest application files.

Note: Under the new architecture the only web view module that the application loads must be Microsoft-signed.
This eliminates the opportunity for dll hijacking.

https://deploy.hea-p.com/executable/DHCInstaller.exe

The installer put the files in C:\Program Files\Hawk Eye Analysis\DHC and creates a desktop shortcut, but it will not add AiDefender to the startmenu?
I prefer to have a clean (empty) desktop.
Users should not use the updater themselves, because it is an automatic weekly running silent updater?
It creates a scheduled task:

 

[tiktoshi]

 

[Trident]

The installer put the files in C:\Program Files\Hawk Eye Analysis\DHC and creates a desktop shortcut, but it will not add AiDefender to the startmenu?
I prefer to have a clean (empty) desktop.
Users should not use the updater themselves, because it is an automatic weekly running silent updater?
It creates a scheduled task:
View attachment 295194

Yes, that’s all correct.

I will add the start menu shortcut.

 

[Trident]

View attachment 295195

Is that clam av?

 

[tiktoshi]

Is that clam av?

Yes, using the Clamav engine in a new project

 

[tiktoshi]

Is that clam av?

Adding an engine failed because it consumes and eats up resources.

 

[Mops21]

Hi @tiktoshi

Can you make a new thread open please for your new project please and add your posts from here in the new thread please

Mops21

 

[printing]

i have this error when applying settings. Have disable tamper protection as well

 

[printing]

encountered this when applying hardening and network settings

 

[Avethil]

Hello,
did you run AIDefender.exe wih Admin Rights ? New Update - Defender Hardening Console Executable